Security News

Financial services organizations are being squeezed on all sides, as regulators are tightening legislation, from SOX to CCPA, GDPR and global data privacy laws like PIPL. In this firestorm, it's never been more important for financial services organizations to level up their data protection and risk mitigation strategies. According to the report, financial services reported the second-lowest rate of data encryption at 54%, compared to a global average of 65%. Amongst the financial services organizations that were hit, 52% paid the ransom to restore data, which is higher than the global average of 46%, and the survey found that the average remediation cost in financial services was US$1.59M, which is above the global average of US$1.4M. Response rates are too slow.

Major financial and insurance companies located in French-speaking nations in Africa have been targeted over the past two years as part of a persistent malicious campaign codenamed DangerousSavanna. Countries targeted include Ivory Coast, Morocco, Cameroon, Senegal, and Togo, with the spear-phishing attacks heavily focusing on Ivory Coast in recent months, Israeli cybersecurity firm Check Point said in a Tuesday report.

The U.S. Federal Bureau of Investigation on Monday warned of cyber criminals increasingly exploiting flaws in decentralized finance platforms to plunder cryptocurrency. "The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors' cryptocurrency," the agency said in a notification.

Veracode released data revealing that the financial services industry ranks among the best for overall flaw percentage when compared to other industries, but has one of the lowest fix rates for software security flaws. In last year's report, the industry boasted the lowest number of software security flaws across all sectors but has been overtaken by manufacturing in this year's study.

Businesses are increasingly concerned about how they will meet ransomware demands. Only 19 percent of those surveyed have ransomware coverage limits above $600,000, while over half hoped the government would cover damages when future attacks are linked to other nation-states, according to BlackBerry Limited and Corvus Insurance.

The key takeaway is that digital growth in the financial industry is not stopping; therefore, cybersecurity teams will need ways to gain accurate, real-time visibility into their attack surface. Breach and attack simulation, or BAS, helps identify vulnerabilities by simulating the potential attack paths that a malicious actor might use.

The mobile threat campaign tracked as Roaming Mantis has been linked to a new wave of compromises directed against French mobile phone users, months after it expanded its targeting to include European countries. Attack chains involving Roaming Mantis, a financially motivated Chinese threat actor, are known to either deploy a piece of banking trojan named MoqHao or redirect iPhone users to credential harvesting landing pages that mimic the iCloud login page.

A previously unknown Android banking trojan has been discovered in the wild, targeting users of the Spanish financial services company BBVA. Said to be in its early stages of development, the malware - dubbed Revive by Italian cybersecurity firm Cleafy - was first observed on June 15, 2022 and distributed by means of phishing campaigns. "The name Revive has been chosen since one of the functionality of the malware is restarting in case the malware stops working, Cleafy researchers Federico Valentini and Francesco Iubatti said in a Monday write-up."

Interestingly, the expectations for a friction-free journey have made financial institutions rethink the false dichotomy between maintaining stringent security and a positive customer experience. Savvy financial institutions are realizing that they don't need to choose between customer experience and fraud loss; rather, they need to identify and implement more efficient and effective tools when it comes to verifying with whom they are conducting business.

Cybersecurity researchers have taken the wraps off what they call a "Nearly-impossible-to-detect" Linux malware that could be weaponized to backdoor infected systems. Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy malware is so named for its ability to conceal itself within running processes and network traffic and drain a victim's resources like a parasite.